Yesterday at 7pm UTC (noon PDT) we saw the volume of brute force attacks on the WordPress sites that we protect more than double from the average for the previous 24 hours. The number of attacking IPs more than tripled.
The chart below shows the count of attacks per hour from June 12th onward. You can see a very obvious spike followed by about a 10-hour pull-back, and then another surge almost back to the high we saw with the spike.
We dug into the IP addresses behind the attacks to try to figure out who or what is behind the abrupt surge.
On this blog, we often talk about employing a “defense in depth” approach to WordPress security. The majority of our focus is on the prevention and detection features offered by the Wordfence plugin. Today we turn our attention to WordPress backups, an incredibly important remediation topic.
Why Are WordPress Backups Important?
If your site is compromised, having access to backups can make your life considerably easier. The fastest way to recover from a hacked website is to restore the latest version of the site that existed prior to the hack. You will still need to close the security hole the attacker used to compromise your site after your site is back up and running, but at least you’ll have your site back to working order in hours or even minutes.
This report contains the top 25 attacking IPs for the month of May and their details. It also includes charts of brute force and complex attack activity for the same period. We also include the top themes and plugins that were attacked, and which countries generated the most attacks for this period.
This is a public service announcement from Wordfence. We are sending this notice to the WordPress community due to the widespread nature and potential severity of this security issue. It has a high likelihood of impacting some of our readers and requires immediate action on their part.
Single sign-on provider OneLogin has experienced a breach. If you or your company uses OneLogin to sign in to applications, or if you use any of their other services, you need to be aware of this and may need to take several actions immediately.
Because of its incredible popularity as a platform, WordPress enjoys a sizable, generous community of users that spend their time sharing information, resources, tips and insights with other WordPress users online. Understandably, online security is at the forefront of concerns for many site owners, and a lot of the online conversation about WordPress centers around the best ways to keep your site safe from hackers and security breaches. Despite the best of intentions from most users, there are a few myths surrounding WordPress security that persist and spread like wildfire, even if the recommendations they make don’t do anything to keep your site safe.